secure.fbi.gov

secure.fbi.gov .. it doesn't exist. I'll tell you that right now, so you dont waste your time trying to check it out. *grin*. My guess is that you got here from the choosing a password node, which briefly mentions the site secure.fbi.gov. Sorry to disappoint you; its not a real place.

However, to make up for your time in getting here and reading this, I will tell you a quick (true) story that does relate to secure.fbi.gov. You'll probably be amused -- I was, until ... well .. I'll get to that in a minute. About a year ago, a friend of mine asked me to design a website for him, so he could store all his Q3FAQ's, walkthru's, and clan sections. I said sure, why not.

There were a few 'members' areas (the clan sections mostly) that he wanted to be restricted from the rest of the site; so I went ahead and setup passwords with a few .htaccess and .htpasswd files. Although he was pretty specific on what he wanted for the rest of the site, he really didn't mention what he wanted (or if he cared) for the error pages themselves. (404 Not Found, 500 Server Error, 401 Not Authorized, etc). Well, I finished everything but the error pages, and did the majority of them in the same style as the rest of the site -- but I figured I would get a little 'creative' on the 401 - Not Authorized error. Here's a rough (stripped down) copy of what that page looked like: (yes, I used the wrong brackets. Too lazy to look up how to use normal html ones without them being eaten by E2)

Weeeeeeeeell. As you can see.. as soon as they hit that page, they hit a redirect (refresh, in 0 seconds) that takes them over to "http://secure.fbi.gov/restricted/archive/clintonsex.html" ... which no, doesn't exist, but I figured it would be amusing for them to look up at their URL bar and notice that they were trying to access something on the fbi.gov domain. Especially with that kind of URL. heh.

Unfortunately, the FBI does indeed, (apparently), parse their webserver logs as well. I am sure they did have the IP's of the people who had been 'trying to get to some porn stash on the FBI server' (because of my redirect), but unfortunately, what I hadn't really thought about was that it ALSO sent them the REFERRER (ie, where they came from / who sent them there). heh. They did indeed call the ISP and ask why someone was redirecting to their server, regardless that the page didn't exist.

I changed the error page. It no longer points at the FBI.
There's your (true) story. Enjoy, and get out of here. =)